Pardon the idiotic title, but some recent discussions around security analytics have made this question practically relevant.
So:
You have a SIEM and other security technologies focused on detection and...

Lately I’ve been surprised by some organizational decision-making as they think about their sourcing choices for security monitoring. Specifically, some organizations want to decide between “SIEM Brand X” and “MSSP...

Finally, I completed an epic update to my 2012 paper “Security Information and Event Management Architecture and Operational Processes.” I think of this paper, interchangeably, as “SIEM’s missing manual”...